monxresearch-sec

- UNC6426 used stolen npm keys to gain AWS administrator access in under 72 hours
  UNC6426 leveraged keys from an August 2025 nx npm supply chain compromise to obtain a GitHub token and escalate to AWS administrator permissions in under 72 hours, leading to S3 data exfiltration and production resource destruction.
- Two Chrome extensions weaponized after ownership transfers, affecting about 7,800 users
  Two Chrome extensions were weaponized after ownership transfers, allowing remote JavaScript to bypass protections and harvest credentials. QuickLens affected about 7,000 users and ShotBird about 800 users. Users should remove unknown extensions and audit browsers.


